The Agile Security Forum is a broad-industry
collaborative initiative in the formative stages. It is concerned with
aligning internal security strategies (consisting of policy, procedure,
and practice) with seven areas of generally ignored reality:

Creeping Agile business practices

Increasingly agile threat community

Natural human behavior

Natural organizational behavior

Increasing globalization

Increasing new-technology pace

Increasing systems complexity

We recognize that security strategy impacts
individual and organizational productivity and goal priorities, and in so
doing, is often inadequately designed and deployed, or often ignored or circumvented
in actual daily decision making and practice.

We seek an understanding of the misalignments with
the natural forces of reality, and effective rationalized solutions that are in balance with business productivity and goal-attainment
needs.

Many such solutions can be implemented immediately
without the need for technology, some can't. Many vulnerabilities and
risks can be eliminated, others can be mitigated.

We seek to identify both technical and non-technical
solutions, develop principle-based fitness functions for both, and
spark immediate deployment of rational strategies that don't need to wait. To this
end, six frameworks are employed to guide knowledge and awareness
development, and guide more effective solutions.